Commit 7ad78592 authored by Paulo Alcantara's avatar Paulo Alcantara Committed by Steve French
Browse files

smb: client: Add tracepoint for krb5 auth 



Add tracepoint to help debugging krb5 auth failures.

Example:

$ trace-cmd record -e smb3_kerberos_auth
$ mount.cifs ...
$ trace-cmd report
mount.cifs-1667 [003] .....  5810.668549: smb3_kerberos_auth: vers=2
host=w22-dc1.zelda.test ip=192.168.124.30:445 sec=krb5 uid=0 cruid=0
user=root pid=1667 upcall_target=app err=-126

Signed-off-by: default avatarPaulo Alcantara (Red Hat) <pc@manguebit.org>
Reviewed-by: default avatarDavid Howells <dhowells@redhat.com>
Cc: Pierguido Lambri <plambri@redhat.com>
Cc: linux-cifs@vger.kernel.org
Signed-off-by: default avatarSteve French <stfrench@microsoft.com>
parent a8fce7c8

fs/smb/client/cifs_spnego.c

+1 −0
Original line number Diff line number Diff line
@@ -159,6 +159,7 @@ cifs_get_spnego_key(struct cifs_ses *sesInfo, 
	cifs_dbg(FYI, "key description = %s\n", description);

	scoped_with_creds(spnego_cred)

		spnego_key = request_key(&cifs_spnego_key_type, description, "");

	trace_smb3_kerberos_auth(server, sesInfo, PTR_ERR_OR_ZERO(spnego_key));



#ifdef CONFIG_CIFS_DEBUG2

	if (cifsFYI && !IS_ERR(spnego_key)) {

fs/smb/client/smb2pdu.c

+0 −2
Original line number Diff line number Diff line
@@ -1695,8 +1695,6 @@ SMB2_auth_kerberos(struct SMB2_sess_data *sess_data) 
	spnego_key = cifs_get_spnego_key(ses, server);

	if (IS_ERR(spnego_key)) {

		rc = PTR_ERR(spnego_key);

		if (rc == -ENOKEY)

			cifs_dbg(VFS, "Verify user has a krb5 ticket and keyutils is installed\n");

		spnego_key = NULL;

		goto out;

	}

fs/smb/client/trace.c

+1 −0
Original line number Diff line number Diff line
@@ -5,5 +5,6 @@ 
 *   Author(s): Steve French <stfrench@microsoft.com>

 */

#include "cifsglob.h"

#include "cifs_spnego.h"

#define CREATE_TRACE_POINTS

#include "trace.h"

fs/smb/client/trace.h

+43 −0
Original line number Diff line number Diff line
@@ -1692,6 +1692,49 @@ DEFINE_SMB3_CREDIT_EVENT(waitff_credits); 
DEFINE_SMB3_CREDIT_EVENT(overflow_credits);

DEFINE_SMB3_CREDIT_EVENT(set_credits);



TRACE_EVENT(smb3_kerberos_auth,

		TP_PROTO(struct TCP_Server_Info *server,

			 struct cifs_ses *ses,

			 int rc),

		TP_ARGS(server, ses, rc),

		TP_STRUCT__entry(

			__field(pid_t, pid)

			__field(uid_t, uid)

			__field(uid_t, cruid)

			__string(host, server->hostname)

			__string(user, ses->user_name)

			__array(__u8, addr, sizeof(struct sockaddr_storage))

			__array(char, sec, sizeof("ntlmsspi"))

			__array(char, upcall_target, sizeof("mount"))

			__field(int, rc)

		),

		TP_fast_assign(

			__entry->pid = current->pid;

			__entry->uid = from_kuid_munged(&init_user_ns, ses->linux_uid);

			__entry->cruid = from_kuid_munged(&init_user_ns, ses->cred_uid);

			__assign_str(host);

			__assign_str(user);

			memcpy(__entry->addr, &server->dstaddr, sizeof(__entry->addr));



			if (server->sec_kerberos)

				memcpy(__entry->sec, "krb5", sizeof("krb5"));

			else if (server->sec_mskerberos)

				memcpy(__entry->sec, "mskrb5", sizeof("mskrb5"));

			else if (server->sec_iakerb)

				memcpy(__entry->sec, "iakerb", sizeof("iakerb"));

			else

				memcpy(__entry->sec, "krb5", sizeof("krb5"));



			if (ses->upcall_target == UPTARGET_MOUNT)

				memcpy(__entry->upcall_target, "mount", sizeof("mount"));

			else

				memcpy(__entry->upcall_target, "app", sizeof("app"));

			__entry->rc = rc;

		),

		TP_printk("vers=%d host=%s ip=%pISpsfc sec=%s uid=%d cruid=%d user=%s pid=%d upcall_target=%s err=%d",

			  CIFS_SPNEGO_UPCALL_VERSION, __get_str(host), __entry->addr,

			  __entry->sec, __entry->uid, __entry->cruid, __get_str(user),

			  __entry->pid, __entry->upcall_target, __entry->rc))



TRACE_EVENT(smb3_tcon_ref,

	    TP_PROTO(unsigned int tcon_debug_id, int ref,